5a7599c018aa10b6214e3eb0987a4a1b_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

5a7599c018aa10b6214e3eb0987a4a1b_JaffaCakes118
Size

196KB
MD5

5a7599c018aa10b6214e3eb0987a4a1b
SHA1

d9ce01e414df675d583602025f2bc1598d9bb638
SHA256

84ba080602523addec337e703a786cae56da18b8767014345fe876c186eb14f1
SHA512

aa8cc5a22fcca90290b2779afbc1aaab1f1ce6cbaf12927fb98b2e399f5560c4e603302ca91f347c7271e571d165c8cf61fefafe412954da20689c17ff7a4a64
SSDEEP

3072:yty2oj7LnDV8RmrCafh4U89aTBfeSXQzvnApKhLrcn3N8iPomyvD:iy2oHLDqFafh4U89aTB9gznApivC3lTK

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5a7599c018aa10b6214e3eb0987a4a1b_JaffaCakes118

Files

5a7599c018aa10b6214e3eb0987a4a1b_JaffaCakes118
.exe windows:5 windows x86 arch:x86

e187319648873d0eb0f0f6a9f0976b74

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ws2_32

WSAStartup

rpcrt4

RpcStringFreeW
UuidToStringW

shlwapi

SHDeleteValueW
PathFindFileNameW
PathRemoveExtensionW
SHSetValueW
SHDeleteKeyW
SHGetValueW

user32

LoadIconW
SetWindowLongW
CreateWindowExW
GetSystemMetrics
RegisterClassExW
GetWindowRect
PostQuitMessage
PtInRect
GetWindowLongW
MapWindowPoints
DefWindowProcW
GetMessageW
TranslateMessage
DispatchMessageW
ShowWindow
FindWindowExW
MessageBoxIndirectW
SendMessageW
GetWindowThreadProcessId
GetShellWindow
LoadCursorW

kernel32

HeapReAlloc
RtlUnwind
GetConsoleMode
GetConsoleCP
QueryPerformanceCounter
HeapCreate
GetFileType
InitializeCriticalSectionAndSpinCount
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetModuleFileNameA
IsProcessorFeaturePresent
LCMapStringW
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
IsValidCodePage
GetOEMCP
GetACP
InterlockedDecrement
InterlockedIncrement
GetCPInfo
GetTimeZoneInformation
GetStdHandle
HeapSize
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
CreateProcessW
HeapAlloc
HeapFree
GetProcessHeap
OpenProcess
GetLastError
SetLastError
GetProcAddress
GetModuleHandleA
CloseHandle
GetCurrentProcessId
FindResourceA
FreeResource
LoadResource
CreateDirectoryW
GetTickCount
VirtualFree
LoadLibraryW
SizeofResource
CreateFileW
GetTempPathW
VirtualAlloc
LockResource
LocalFree
GetModuleHandleW
Sleep
DeleteCriticalSection
CopyFileW
DeleteFileW
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
ExitProcess
CreateMutexW
MapViewOfFile
UnmapViewOfFile
SetEvent
OpenFileMappingW
OpenEventW
ReleaseMutex
GetVersionExW
GetModuleFileNameW
SetEnvironmentVariableA
FindFirstFileW
SetFilePointer
VirtualQuery
WriteFile
WideCharToMultiByte
ReadFile
MultiByteToWideChar
FindClose
RemoveDirectoryW
FindNextFileW
FindResourceW
GetCurrentThreadId
GetStringTypeW
SetStdHandle
WriteConsoleW
FlushFileBuffers
CompareStringW
MoveFileExW
GetFileSize
TerminateProcess
GetStartupInfoW
HeapSetInformation
GetCommandLineA
GetSystemTimeAsFileTime
DecodePointer
EncodePointer
RaiseException
LoadLibraryA
InterlockedExchange
FreeLibrary
LocalAlloc

advapi32

SetEntriesInAclW
SetSecurityInfo
AllocateAndInitializeSid
GetSecurityInfo
DuplicateTokenEx
GetTokenInformation
GetSidSubAuthorityCount
GetSidSubAuthority
OpenProcessToken
FreeSid

shell32

SHGetSpecialFolderPathW
ShellExecuteW

ole32

CoCreateGuid
CoInitializeEx
CoCreateInstance

oleaut32

SysFreeString
SysAllocString

Sections

.text
Size: 74KB - Virtual size: 73KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3.6MB - Virtual size: 3.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e187319648873d0eb0f0f6a9f0976b74

Headers

DLL Characteristics

File Characteristics

Imports

ws2_32

rpcrt4

shlwapi

user32

kernel32

advapi32

shell32

ole32

oleaut32

Sections

.text Size: 74KB - Virtual size: 73KB

.rdata Size: 32KB - Virtual size: 31KB

.data Size: 4KB - Virtual size: 13KB

.rsrc Size: 3.6MB - Virtual size: 3.6MB

.reloc Size: 17KB - Virtual size: 17KB

.text
Size: 74KB - Virtual size: 73KB

.rdata
Size: 32KB - Virtual size: 31KB

.data
Size: 4KB - Virtual size: 13KB

.rsrc
Size: 3.6MB - Virtual size: 3.6MB

.reloc
Size: 17KB - Virtual size: 17KB